%3c/title%3e%3cdefs%3e%3clinearGradient%20id='gCenter'%20x1='0%25'%20y1='0%25'%20x2='100%25'%20y2='100%25'%3e%3cstop%20offset='0%25'%20stop-color='%2300286f'/%3e%3cstop%20offset='100%25'%20stop-color='%231a3d8f'/%3e%3c/linearGradient%3e%3clinearGradient%20id='gTopRight'%20x1='0%25'%20y1='0%25'%20x2='100%25'%20y2='100%25'%3e%3cstop%20offset='0%25'%20stop-color='%232d4f9e'/%3e%3cstop%20offset='100%25'%20stop-color='%234a7bd0'/%3e%3c/linearGradient%3e%3clinearGradient%20id='gBottomLeft'%20x1='0%25'%20y1='0%25'%20x2='100%25'%20y2='100%25'%3e%3cstop%20offset='0%25'%20stop-color='%234a7bd0'/%3e%3cstop%20offset='100%25'%20stop-color='%236a93de'/%3e%3c/linearGradient%3e%3clinearGradient%20id='gLine'%20x1='0%25'%20y1='0%25'%20x2='100%25'%20y2='100%25'%3e%3cstop%20offset='0%25'%20stop-color='%232d4f9e'%20stop-opacity='0.55'/%3e%3cstop%20offset='100%25'%20stop-color='%234a7bd0'%20stop-opacity='0.55'/%3e%3c/linearGradient%3e%3c/defs%3e%3c!--%20Connecting%20lines%20(drawn%20first,%20sit%20behind%20circles)%20--%3e%3cg%20stroke-linecap='round'%20fill='none'%3e%3cline%20x1='235.17'%20y1='210.95'%20x2='634.29'%20y2='630.20'%20stroke='url(%23gLine)'%20stroke-width='6'/%3e%3cline%20x1='592.86'%20y1='201.65'%20x2='187.17'%20y2='543.89'%20stroke='url(%23gLine)'%20stroke-width='6'/%3e%3c/g%3e%3c!--%20Five%20circles,%20structure%20preserved%20exactly%20from%20original%20--%3e%3ccircle%20cx='195.33'%20cy='169.10'%20r='57.78'%20fill='%238fb1e8'/%3e%3ccircle%20cx='124.16'%20cy='597.05'%20r='82.44'%20fill='url(%23gBottomLeft)'/%3e%3ccircle%20cx='693.51'%20cy='692.41'%20r='85.89'%20fill='%2300286f'/%3e%3ccircle%20cx='673.67'%20cy='133.47'%20r='105.73'%20fill='url(%23gTopRight)'/%3e%3ccircle%20cx='400'%20cy='400'%20r='220.01'%20fill='url(%23gCenter)'/%3e%3c/svg%3e)
We are a data processor. You — our customer — are the data controller. We process personal data on your instructions, under the terms of the Master Services Agreement and Data Processing Agreement.
The personal data we process is operational in nature: user accounts, audit trails, and the people referenced in shift logs and approval chains. We do not commercialise customer data; it is never used for advertising or model training.
Where your data lives
By default OpSyn data is stored in Microsoft Azure UK South. EU residency is available on request for tenants with an explicit EU data-residency requirement.
Data residency
UK South is the default region. EU residency is available on request and configured per tenant.
- →Default: Azure UK South
- →EU residency on request
- →Backups in same region
- →No storage outside the contracted region
Cross-border transfers
Where transfers occur (e.g. limited support access from outside the storage region), they are governed by Standard Contractual Clauses (UK IDTA / EU SCCs).
- →UK IDTA / EU SCCs
- →Documented transfer impact assessment
- →Access logged and audited
- →Customer-specific addenda available
Sub-processors
A short list of essential sub-processors. The current list is included in your DPA and updated with prior notice for material changes.
- →Microsoft Azure (hosting)
- →Sentry (error monitoring)
- →Resend / Brevo (transactional email)
- →Notice on material changes
Data subject rights
Most rights are exercisable directly by your organisation administrators inside OpSyn. For everything else, request via your customer admin or by emailing the privacy address — we respond within statutory timescales.
Access & portability
Customer administrators can export user records, audit logs, and module data via the admin UI and the REST API.
- →User-record export
- →Audit-log export
- →Per-module CSV export
- →Full REST API access
Rectification
Profile, role, and operational records are editable directly. Historical audit entries are preserved and amendments tracked.
- →Profile edits via UI
- →Operational record corrections
- →Audit-log entries are immutable
- →Corrections tracked alongside originals
Erasure
Customer admins can deactivate users and request erasure on tenant termination. Backups expire on the documented retention schedule.
- →User deactivation in-product
- →Per-record erasure on request
- →Tenant-level erasure on termination
- →Backup expiry per retention schedule
Retention & deletion
Customer data is retained for the lifetime of the tenancy plus a 30-day grace window after termination. After grace, primary data is deleted; encrypted backups expire on their own schedule.
During the tenancy
All operational and personal data is retained as long as it is needed to deliver the service or as required by law.
- →User & tenant data
- →Audit log
- →Operational records
- →Configuration history
After termination
A 30-day grace window allows reactivation; thereafter primary data is deleted, with backups expiring on their schedule.
- →30-day grace window
- →Primary deletion after grace
- →Encrypted backups expire on schedule
- →Deletion certificate on request
Breach notification
Where a confirmed personal-data incident affects your tenancy, we notify your nominated security and privacy contacts within 72 hours of becoming aware, as required by Article 33. The notification covers nature, likely consequences, and our mitigation steps.
Cookies and similar technologies
OpSyn uses a small number of cookies. Strictly-necessary cookies are always set; analytics cookies are only set if you accept them via the consent banner. You can change your preference at any time by clearing the opsyn_consent cookie in your browser, which re-displays the banner on your next visit.
Strictly necessary
Required for the platform to function. These cannot be disabled. Under PECR Reg 6(4)(b) they do not require consent.
| Cookie | Purpose | Duration |
|---|---|---|
| en_session | Encrypted session cookie used for sign-in and CSRF protection. HTTP-only, SameSite=Lax, Secure in production. | Session |
| opsyn_consent | Records your cookie consent choice (accepted or rejected) so we don't show the banner on every visit. | 1 year |
Analytics
Set only if you click Accept all on the consent banner. Used in aggregate to understand how the public marketing site is used; never combined with operational data inside the authenticated app.
| Provider | Purpose | Duration |
|---|---|---|
| Google Tag Manager | Loads tagged analytics scripts to measure marketing site usage. Sets _ga, _gid, and similar Google Analytics cookies. IP addresses are anonymised. | Up to 2 years |
Asking us for things
For a copy of our DPA, the current sub-processor list, a records-of-processing extract, or to exercise a data subject right that your administrator can't fulfil directly, write to privacy@aptim-solutions.com.
For security-specific concerns, see our Security page.